Many small and midsized businesses (SMBs) believe they are below the notice of cybercriminals. A recent report from Symantec, however, dispels this as myth.
In fact, almost one third of targeted attacks are aimed at organizations with fewer than 250 employees, according to the Symantec 2013 Internet Security Threat Report, released earlier this month. That’s a huge increase from the 18 percent that small businesses represented in last year’s report.
“The most significant increase or portion of all targeted attacks go to small businesses,” said Symantec researcher Vikram Thakur during a recent conversation with IFSEC Global.
Thakur points to a variety of reasons for the interest in these smaller organizations:
- Smaller organizations are more likely to be short staffed or under-resourced in terms of IT infrastructure around asset protection.
- Like larger organizations, SMBs have intellectual property, as well as customer and financial data, that cybercriminals can monetize.
- Smaller organizations often do not have dedicated IT professionals to manage patching, upgrades, and other security-related duties.
- Many smaller organizations fall into the supply chain of larger organizations and so might provide an entry into a larger target.
Small organizations then, need to be aware of the threat landscape. The most-targeted sectors are manufacturing, insurance, finance, real estate, and government. To catch their prey, cybercriminals are increasingly using sophisticated attacks to lure and infect unsuspecting victims. For example, watering hole attacks, which put malware on websites frequented by the intended victims, are becoming standard fare. Symantec outlines four stages to this type of attack:
Mobile malware, meanwhile, is on a meteoric rise. The Symantec report identified 415 found and patched mobile vulnerabilities in 2012, up from 315 in the previous year. In 2010, the company identified 163 mobile vulnerabilities. “Overall, we’ve seen a 58 percent increase in mobile malware families out there,” Thakur told us. As might be expected, Android malware led in terms of popularity, just as the platform did. One third of mobile threats steal information from the user’s phone, while a fewer number deliver adware or do GPS tracking.
Thakur expects the current trajectory to continue, and so SMBs must invest in protecting against malware threats and safeguarding data.
Free Download: The Video Surveillance Report 2023
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
